SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c13f38a385f237978e7793ae928b45bae5c93d58.

Database Entry

SHA1 Fingerprint:c13f38a385f237978e7793ae928b45bae5c93d58
Certificate Common Name (CN):C=xx, L=Default City, O=Default Company Ltd
Issuer Distinguished Name (DN):C=xx, L=Default City, O=Default Company Ltd
TLS Version:TLS 1.2
First seen:2016-11-25 11:59:02 UTC
Last seen:2016-11-26 17:33:44 UTC
Status:Blacklisted
Listing reason:Vawtrak C&C
Listing date:2016-11-26 09:58:50
Malware samples:3
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-11-26 17:33:4424b4e8154392644f63ab0060e79872cbVirustotal results 23/57 (40.35%) Vawtrak 62.109.12.173:443
2016-11-26 17:33:4424b4e8154392644f63ab0060e79872cbVirustotal results 23/57 (40.35%) Vawtrak 62.109.12.173:443
2016-11-25 15:45:333ed67d0cefb79d67ddede5e6572447c2Virustotal results 33/57 (57.89%) Vawtrak 62.109.12.173:443
2016-11-25 15:45:333ed67d0cefb79d67ddede5e6572447c2Virustotal results 33/57 (57.89%) Vawtrak 62.109.12.173:443
2016-11-25 11:59:020092e5ccdb9c786c86bfff38968b9d8aVirustotal results 26/57 (45.61%) Vawtrak 62.109.12.173:443
2016-11-25 11:59:020092e5ccdb9c786c86bfff38968b9d8aVirustotal results 26/57 (45.61%) Vawtrak 62.109.12.173:443

# of entries: 6 (max: 100)